Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Intelligent contract security test method based on variation fuzz

A technology for smart contracts and security testing, applied in software testing/debugging, error detection/correction, instrumentation, etc., to solve problems such as low efficiency of smart contract fuzz testing

Active Publication Date: 2020-07-28
NANJING UNIV
View PDF2 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The present invention effectively solves the problem of low efficiency of smart contract fuzz testing by providing a smart contract security testing method based on mutation fuzz, and then helps testers to quickly discover the security problems existing in smart contracts, and at the same time use the test generated in the test Use case to reproduce its problem

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intelligent contract security test method based on variation fuzz
  • Intelligent contract security test method based on variation fuzz
  • Intelligent contract security test method based on variation fuzz

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0062] In order to better understand the technical content of the present invention, specific embodiments are given together with the attached drawings for description as follows.

[0063] figure 1 It is a flow chart of a smart contract security testing method based on mutation fuzz in the implementation of the present invention, which is characterized in the following steps:

[0064] S1 smart contract information extraction, given a contract source code that has been deployed on the private chain, analyze its ABI file, and obtain the function declaration set of the contract;

[0065] S2 test data generation, given the function statement set, seed set, input probability and parameter mutation probability based on the seed generation, randomly select some functions from the function statement, generate test cases for these functions, and finally output the test case set.

[0066] S3 smart contract execution and vulnerability detection, given the test case set and seed set, run...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an intelligent contract security test method based on variation fuzz. The method comprises: taking a source code of a smart contract as an input, obtaining an ABI (Application Binary Interface) of the smart contract, finding out elements of function types from the ABI, and extracting function declarations of the elements; on the basis, further generating test data: if the tested function has no seed, randomly generating the test data, otherwise, generating the test data with a certain probability based on seed variation; and then, executing the intelligent contract on the private chain by using the test data, further carrying out vulnerability detection, updating the seeds, and returning to the test input generation step again, and repeating the steps until a presettest termination condition (the termination condition can be test time, path coverage rate and the like) is reached. Through the method, a tester can check whether the smart contract has a security problem or not in a short time, and can refer to input to reproduce the problem.

Description

technical field [0001] The invention belongs to the field of software testing, and is especially suitable for the security detection of smart contracts with a large code size. Its purpose is to improve the efficiency of smart contract fuzz testing. Methods. Background technique [0002] The concept of Smart Contract (Smart Contract) was first proposed in 1996. The proposer Nick Szabo defined it as a digital set of commitments and an agreement that participants must fulfill these commitments. Before the birth of the blockchain, smart contracts have not been well implemented. The consensus mechanism of the blockchain makes this idea a reality. The contract on the blockchain is a program written in a specific language with a certain storage space (state), and the participants of the contract participate in the contract, send or obtain assets by calling the contract code. Among them, the smart contract based on Ethereum is the most representative. Ethereum smart contracts su...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F11/36
CPCG06F11/3684
Inventor 房春荣徐文远王兴亚赵源史洋洋蒋燕陈振宇
Owner NANJING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com